Is there a property that lets you get the security group ID of the EKS created security group on a worker node created with aws.eks.NodeGroup?

Is there any guidance for integrating 'build' tasks into Pulumi. Lets just say extending the S3 static site with the generation step, similar how the docker tasks will build the image for you

I get "InvalidParameterException: Invalid Region in ARN" when doing

pulumi destroy

. Checked the yaml and the region is correct. I think it may have been caused by me changing the region and the attempting a

pulumi up

that failed. Now, no matter what region i set in the config, it gives that error. Can anyone help please?

hi folks, i tried to deploy AKS cluster on Azure Gov and got this error

Addon 'azurepolicy' is not supported in this cloud environment.

It comes from terraform azure provider, doesn't it? Is there any solution or work around available? Thanks

Is there a way to have per-project logins? For example, one project uses a local login, while another uses the Pulumi service. Right now I have to remember to switch logins everytime I go to a new directory/project.

I'm in some weird state. When I do

pulumi up

this one is stuck here:

-   └─ kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition>  <http://challenges.acme.cert-manager.io|challenges.acme.cert-manager.io>  deleting     completing deletion from previous update

If I export the stack I can't see any

pending_operations

and if I try to manually run

helm uninstall cert-manager

I can see that it's not even installed. I've also tried running

pulumi refresh

and just

pulumi stack export | pulumi stack import

but it doesn't help

I'm trying to use the GitLab provider with a private GitLab instance via VPN, but although I've configured the

gitlab:token

and

gitlab:base_url

config values, I get a network error:

error: Get "<https://gitlab.company.com/api/v4/user>": dial tcp: lookup <http://gitlab.company.com|gitlab.company.com> on 8.8.8.8:53: no such host

Where company.com is the redacted version of my actual host. I've double checked using cURL that I can access the instance given the access token that Pulumi uses and it all works great. Any ideas?

I've tried to use the

pulumi/pulumi

Docker image in my CI/CD process, but I've noticed its size is approximately 3GB 😲. Now, I'll probably build my own slimmer image, but I'm curious, if I'm using Pulumi with a TypeScript project, what runtime dependencies do I need except the Pulumi executable and nodejs? Let's say I'm only targeting Azure in my code. Will I need the

az

executable to be present on

PATH

too?

Hey guys/gals, is there away to periodically update deployments (kubernetes)? basically pull a new "latest" image and deploy.

I just discovered Pulumi and i am investigating on how to map this https://github.com/gruntwork-io/terragrunt-infrastructure-live-example in Pulumi. I am thinking about how to structure my project directory in stacks. I was reading https://www.pulumi.com/docs/intro/concepts/organizing-stacks-projects/ but really there is no single multi environment/multi region project example. I think it will be useful to create an example project that map to https://github.com/gruntwork-io/terragrunt-infrastructure-live-example because it is a usual terraform/terragrunt structure.

What are the strategies for deploying lambda functions written in TypeScript in a large project? I’m getting some weird transpilation issues. But also it looks like all of the production dependencies are being bundled, regardless if they are used or not. Surely that’s not efficient. Would bundling with webpack first be the go to approach?

Is there a way to use pulumi to drive straight

docker run

commands with different

docker context

's? - or alternatively any docker-compose like utility? (I understand this is not a primary/intended use case)

anyone had success importing an aws vpc?

Is there a

dry-run

mode in Pulumi?

So now when I have my stack up and running with k8s and everything I need. How would I go about deploying helm charts to it from another repo? What's best practice here? Should I just copy my kubeconfigs etc to github secrets as I did before pulumi for running my CD?

I have a pending task in my state from a previous failed run. How can I remove this pending task?

When trying to run tf2pulumi I’m getting messages: unknown function ‘filebase64’ undefined variable module Is it expected? Or should tf2pulumi support import terraform modules and terraform functions?

I'm using Pulumi Python SDK to deploy an EC2 instance with one security group attached. If I attach additional security group to that same instance, Pulumi terminates previously create EC2 instance and deploys a new instance with 2 security groups. Is it possible to avoid EC2 instance termination and instruct Pulumi to simply attach additional security group to existing instance?

I'm stuck on a few basic concepts. We're a SaaS which creates staticaly build websites (in Gatsby). We're porting an old legacy application which was multi-tenant PHP based... Anyway, our current pre-alpha, essentially works by doing a build on Netlify of our React application and handles the hosting. It pulls data from a CMS we set up per website. The current way we would set up new sites is not going to scale for us, so i'm looking at Pulumi. My issues I have is understanding the flow.... ie. We need to set up a CMS per customer (with some pre-configured configuration options). Then we need to set up an environment to do a

yarn build

which then builds the site and capable of doing new builds EVERY time something on the CMS changes, (similar to Netlify) and then deploy it to some CDN/Cloudfront(S3 etc). No preference here though. (1) The confusion I have is basically our new SaaS IS the pulumi project right? Or would we have multiple projects, one per customer? Additionally, if our customers choose their hostname on our main application, I can't find anything within Pulumi which let's us pass variabe/configs from our app to Pulumi to handle the automation part. (The search on Pulumi docs is down so it's making it realy difficult to slice through the docs). (2) Any one got any nice ideas for how we handle the building of the site part? The beauty of Netlify was that it handled that for us, but it's way too expensive for the build minutes we need.

Any of course, https://www.pulumi.com/docs/search/?q=config isn't loading for me. So just a heads up incase wasn't reported yet.

Hi, I followed the basic tutorial to start a k8s cluster using Pulumi (creating the cluster and then adding a NGINX deployment on it). This works fine (except when using a non-default Amazon credentials, although I'm not sure why). The problem I have is that after all the steps complete, I couldn't access the public IP of the nginx deployment from my browser. I tried updating the code using that of another tutorial (which sets up an nginx to redirect the pulumi.github.io page), and all the steps worked correctly but I still couldn't see the page from outside. Could someone indicate what permissions I should change?

Does anyone know if this https://www.pulumi.com/docs/reference/pkg/vsphere/ will work on the free vmware product: https://www.vmware.com/uk/products/vsphere-hypervisor.html

The module docs make it sound like it should work

But I can't say I know

I'm wondering how it knows where to find the host - VSPHERE_SERVER seems to be the name of the datacenter not an IP or anything

aha

oh no - that creates a host...